NEAS[.]fbd894bea0bd21870316d706ba5c6760[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.fbd894bea0bd21870316d706ba5c6760.exe
Size

66KB
MD5

fbd894bea0bd21870316d706ba5c6760
SHA1

5acf5b20d8c0071aec7981bc1575646f35308647
SHA256

461de113afa607afb226b727782925b88bcb49e48cc702fc58eb6453d10c319c
SHA512

f215313e26b8f449e40939183c19c61a7942bf73fcf7f6e2d278a2a2e0cdd6201b07331183d038f78bdd33c6581b4088316d25c898d64f61e87f037e8c08f9c9
SSDEEP

1536:H43815iCn6R+d2QUNllq/VDVzbFYhnioFmTAiYdKvHJn:Y381AC6oeE/NZFYcoIAiYdK/1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.fbd894bea0bd21870316d706ba5c6760.exe

Files

NEAS.fbd894bea0bd21870316d706ba5c6760.exe
.exe windows:4 windows x86

58730937e60a9fec1d49e554451a4476

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueueUserAPC
ReplaceFileW
GlobalFindAtomA
GetProcessIoCounters
SetDefaultDllDirectories
AddConsoleAliasW
GetApplicationUserModelId
GetVolumePathNameA
GetNumberFormatW
GlobalFlags
BasepCheckAppCompat

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE